The Cybereason team is following an active campaign to deliver multiple different types of malware and infect victims all over the world.
Due to the variety of malware types deployed in this attack, the attackers are able to steal a wide array of sensitive data, mine for Monero, and in certain cases also deploy ransomware.
All of the payloads observed in this campaign originated from a code repository platform, Bitbucket, which was abused as part of the attackers delivery infrastructure.
We highly recommend every customer enable the following features: